Vulnerabilities > CVE-2023-48849 - Unspecified vulnerability in Ruijie products

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

ruijie

critical

NVD

Published: 2023-12-06

Updated: 2023-12-11

Summary

Ruijie EG Series Routers version EG_3.0(1)B11P216 and before allows unauthenticated attackers to remotely execute arbitrary code due to incorrect filtering.

Vulnerable Configurations

Part	Description	Count
OS	Ruijie Ruijie RG Eg1000C Firmware 3.0\(1\)B11P216 Ruijie RG Eg1000E Firmware 3.0\(1\)B11P216 Ruijie RG Eg105G Firmware 3.0\(1\)B11P216 Ruijie RG Eg105G V2 Firmware 3.0\(1\)B11P216 Ruijie RG Eg105G E Firmware 3.0\(1\)B11P216 Ruijie RG Eg105G P Firmware 3.0\(1\)B11P216 Ruijie RG Eg105G PE Firmware 3.0\(1\)B11P216 Ruijie RG Eg105Gw(T) Firmware 3.0\(1\)B11P216 Ruijie RG Eg105Gw X Firmware 3.0\(1\)B11P216 Ruijie RG Eg2000Ce Firmware 3.0\(1\)B11P216 Ruijie RG Eg209Gs Firmware 3.0\(1\)B11P216 Ruijie RG Eg2100 P Firmware 3.0\(1\)B11P216 Ruijie RG Eg210G E Firmware 3.0\(1\)B11P216 Ruijie RG Eg210G P Firmware 3.0\(1\)B11P216 Ruijie RG Eg210G PE Firmware 3.0\(1\)B11P216 Ruijie RG Eg3000Eu Firmware 3.0\(1\)B11P216 Ruijie RG Eg3000Xe Firmware 3.0\(1\)B11P216 Ruijie RG Eg305Gh P E Firmware 3.0\(1\)B11P216 Ruijie RG Eg310Gh E Firmware 3.0\(1\)B11P216 Ruijie RG Eg3230 Firmware 3.0\(1\)B11P216 Ruijie RG Eg3250 Firmware 3.0\(1\)B11P216	21
Hardware	Ruijie Ruijie RG Eg1000C - Ruijie RG Eg1000E - Ruijie RG Eg105G - Ruijie RG Eg105G V2 - Ruijie RG Eg105G E - Ruijie RG Eg105G P - Ruijie RG Eg105G PE - Ruijie RG Eg105Gw(T) - Ruijie RG Eg105Gw X - Ruijie RG Eg2000Ce - Ruijie RG Eg209Gs - Ruijie RG Eg2100 P - Ruijie RG Eg210G E - Ruijie RG Eg210G P - Ruijie RG Eg210G PE - Ruijie RG Eg3000Eu - Ruijie RG Eg3000Xe - Ruijie RG Eg305Gh P E - Ruijie RG Eg310Gh E - Ruijie RG Eg3230 - Ruijie RG Eg3250 -	21

References

https://github.com/delsploit/CVE-2023-48849